Configuring multiple Base clusters with one ECS cluster

You can configure one Embedded Container Service (ECS) cluster to work with multiple CDP Private Cloud Base clusters managed by separate instances of Cloudera Manager. In order to do this you must first create a combined truststore .pem file that contains the ECS Control Plane truststore .pem file appended with the certificate files of each of the CDP Private Cloud Base clusters.

Use the following steps to configure one ECS cluster to work with multiple CDP Private Cloud Base clusters:

  1. Append the ECS Control Plane truststore .pem file with the certificate files from the additional CDP Private Cloud Base clusters.
  2. Register an ECS environment with each of the additional CDP Private Cloud Base clusters.
  3. Create data services within each environment.

Step 1: Append the ECS Control Plane truststore .pem file with the certificate files from the Base clusters

  1. On the ECS Control Plane, run the following kubectl command to get the contents of the configmap:
    kubectl get configmap cdp-private-installer-truststore -n cdp -o yaml > cdp-private-installer-truststore.yaml
  2. Copy the truststorePEM content, decode it, and store it in a file. For example:
    echo LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxJQ0NRRG5iNnhmK0dQR1l6QU5CZ2txaGtpRzl3MEJBUXNGQURCWk1Rc3dDUV
    lEVlFRR0V3SlYKVXpFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFKQmdOVkJBY01BbE5ETVEwd0N3WURWUVFLREFSRFRFUlNNUXd3Q2dZRApWUVFMREFOQ1RGS
    XhFekFSQmdOVkJBTU1DaW91YUhkNExuTnBkR1V3SGhjTk1qTXhNVEV3TVRRME1qUXdXaGNOCk1qUXhNVEE1TVRRME1qUXdXakFWTVJNd0VRWURWUVFE
    REFvcUxtaDNlQzV6YVhSbE1JSUJvakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVk4QU1JSUJpZ0tDQVlFQS9lZkJtK05IQTdWUTF1M05qK3ZoRGFRV0p
    JcUhFbVcxOFlpYgpBQUdiYmlvYi9YYnY0aTRINU81MXV3SjJ1cWowaktUM3dBU3l0UG0yS0p1RE9vVXMveWhJc0xuK3VOWlMzd292CkNxSk5RcWpRT3
    N2RUVITU5ZZ3JOWExMclhlbHZHTXl4aG16bVFlSEhHTkZhcldENVkwd1laMVVIaG00a0pUUTUKTFhoZm1JVjJlTUJieE4ySVB2WU1TV1AvYmo4ekF3a
    k50OHQvVUhhaFRTeWljUktEWitsMGxoeGt0cHpzdmxmcQo4eXNCVTBBQ2MvbWp2bGNWS0xyNVVRSTRadVNFb2ZRK1QyaEpITEZNQ0N4bFJvcWN5aFo0
    QmtlZmZwaUhIOGJHCm9kd2tSaHRRMVFJcFFxSklCLytCOWNZbkFjYlBFaHlXekh1TGlqakl5VTZOYWZ3SmpoTG1SVmptRmpWNzNvZmgKanJ4V1BtVyt
    FSDJZODRWK3RpOVdIZE5LQW9KNzU4bzZaSmJsc3ZBRVBNVytBVmw2clFMTTFPZXN1UTNtczcxMwpWOENObFBWVEQ0UGdpaythOG1YV3FWZkVZN2F1V3
    N1YnIwUkIyeFliWHBHd21WdWxrSjdYRURHOEpmN2hFNzRqCkRhMlJaeWN5YXdScGF3SXV2V1kwWGtoSktOOTNBZ01CQUFFd0RRWUpLb1pJaHZjTkFRR
    UxCUUFEZ2dFQkFDcTcKSDU5R2lnKy9iUVB3enhmUmF6d1hXM09mT3M1UjNnU0hGeDRmS1BXVlN5TjEwaW5Obmdxejd4R2dYVnBpRDdWNApQRGVXZFRZ
    MjdHN2w3ZHBjek1FS2ptN25XOUp3RW05S3dyRndWRWh0OWEzNjVvUnhqTzA3Y09VanZYaEwydkx1Cnk1eHRYZlJyZXlPalNmZDVxcnlKVlBoMDBHb0N
    UWTViMy9wK25saWJUUmNkY29mQkFTU0VhbnhaVDJoc1B2V3kKSG9PVkVGSm1rTnVxRHJhS2YySlFxRnR4aGs0MFIvUW9LVUpKUTgzUWIxZHBmWWVCdE
    9lWXRVNExmQWV3Y0RuRwpFWUQvYVplblgwU2cxRTRoRS9NaUNFN2R6ZzY4TVVPeWVBV1pCelJuMHBEZ1VtanpTOUNndi9GQ240MjV0QnR5Cis5anY1W
    it3TVNkd1VZL2VudEE9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURlekNDQW1PZ0F3SUJB
    Z0lVQWRidE11Q3JycVRMYlUzRzhPakZRUW5YNGY4d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1dURUxNQWtHQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWt
    OQk1Rc3dDUVlEVlFRSERBSlRRekVOTUFzRwpBMVVFQ2d3RVEweEVVakVNTUFvR0ExVUVDd3dEUWt4U01STXdFUVlEVlFRRERBb3FMbWgzZUM1emFYUm
    xNQjRYCkRUSXpNVEV4TURFek1UTXpOVm9YRFRJMU1URXdPVEV6TVRNek5Wb3dXVEVMTUFrR0ExVUVCaE1DVlZNeEN6QUoKQmdOVkJBZ01Ba05CTVFzd
    0NRWURWUVFIREFKVFF6RU5NQXNHQTFVRUNnd0VRMHhFVWpFTU1Bb0dBMVVFQ3d3RApRa3hTTVJNd0VRWURWUVFEREFvcUxtaDNlQzV6YVhSbE1JSUJJ
    akFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXczQXBYeXg4dkxXSVZqSlpLZzNpb29XcGdtNjZwN2gxWCtRWUVVZ0Q0VEc3dkZ
    2OGNUckkKdzlaZ1VpcW1zUTVJRlZxRk5lcEFpSFBteUxscDl1d1RhTEthdm9IZ2pXU0p1K2dwaUdiMHJiR1hkM3ltYkw5Rwp2Sm1pNmtPZW9SeHpQbk
    N5SVVEa3NmU3kzdE5pWlNRRFRubmhUWk9Zc2tmbDdZK1VYaVJVS2NBNExkWTBWSTVJCnpmRlR0cW5qM0o4SnJ6d0dJd1NoK0ZNdHRyWFQ5WFI5bzVpL
    0M2cWh0L1JwbEx3QTB6ZVlYSDhkNjl2Ykw4T1EKemREeXZlcmptRXZjS3F1bGo4NU1CSTZwcVRGb21QcEp5VVlxS0cwN2U1WDN0QmZiVzk2QXdYT1BT
    SFd0QlpndwpyeTVFbzRxWVRJMGZmYlFCS3ZIVElzYTd3T0xmRzAvK3J3SURBUUFCb3pzd09UQUxCZ05WSFE4RUJBTUNCREF3CkV3WURWUjBsQkF3d0N
    nWUlLd1lCQlFVSEF3RXdGUVlEVlIwUkJBNHdESUlLS2k1b2QzZ3VjMmwwWlRBTkJna3EKaGtpRzl3MEJBUXNGQUFPQ0FRRUFtKzFZUlg5M2k1Q1FPQl
    FIVVZ2Y2M1OWFMb2Y3SnJxcGNaN0NOaGJXMzc4Zgo3RTNpTjhBY1BNQ0dvZllTeWFrblQxVlkwdDNiVXhtSTFSdXdEUXNDU3U1MmlhYnhIVUhrOFBEQ
    jk5NTRxL3RtCkh4MXpVR0VURkZaZHdkb0dDMk14Ui9WdU9wbExza2hEc0ZJZmpaZC81clVrL1QvMUxUaC8zMExBbGhPVzNtek8KZFJWWC9LR2QyWGZ3
    SFNzQ3FRTFk4WGZQM0d3WHgrTmVUY09vTEQycXYvYW1kMnY1dlVtdXpONzErZjR3bXVvbwpaZ1JiYk9OSkMvdzVzV3MvWVRaODd1M1JNUWExd2gvckl
    YMk1QMzNTMG1SeHJkSXlpeGMxamF6ZTYxWmRUUnk5Ck9NQ2RmZEpGNFE1RndmODdWSWpYZXdPemdQVnFJVGVNVW1vcy9HR0p0UT09Ci0tLS0tRU5EIE
    NFUlRJRklDQVRFLS0tLS0= | base64 -d > cdp-private-installer-truststore.pem
  3. Obtain the truststore .pem file from the first additional Cloudera Manager host from /var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_cacerts.pem or /opt/cloudera/CMCA/trust-store/cm-auto-global_cacerts.pem and copy the contents.
  4. Append the cdp-private-installer-truststore.pem file created previously with the contents of the Cloudera Manager .pem file.
  5. Repeat the previous two steps for all additional Cloudera Manager hosts you would like to register environments with.
  6. Log in to the ECS cluster Management Console and click Administration > CA Certificates. Select Datalake in the CA Certificate Type drop-down, click Choose File, then select the appended cdp-private-installer-truststore.pem file and click Upload. Click Save to save your changes.

    You can also use the following CLI commands to upload the cdp-private-installer-truststore.pem file and update the global truststore with the encoded certificate file content:

    cat cdp-private-installer-truststore.pem | base64
    cdp environments --set-environment-setting --settings truststorePEM=<base64 encoded CM cert> --no-verify-tls

Step 2: Register an ECS environment with each of the additional Base clusters

  1. Log in to the ECS cluster Management Console and Register an environment for the first additional Base cluster using the applicable Cloudera Manager URL and credentials.
  2. Repeat the previous step for the rest of the additional Base clusters.

Step 3: Create data services within each environment

Refer to the following topics to create the data services of your choice in each environment: